gafgyt | e95596b5c6cda8005d9b49159572693d0e96126cb0ce52b5908c6c27f554d5e3 | Triage

Submit
Reports

Overview

overview

Static

static

e95596b5c6...54d5e3

ubuntu-18.04-amd64

9

Sharing

General

Target

e95596b5c6cda8005d9b49159572693d0e96126cb0ce52b5908c6c27f554d5e3
Size

124KB
Sample

220725-cx45aabbeq
MD5

0d382b358c9ef778245ea0634c30e08b
SHA1

9e03dd4a4852bcf64a8c6f4481f7e286a4702ace
SHA256

e95596b5c6cda8005d9b49159572693d0e96126cb0ce52b5908c6c27f554d5e3
SHA512

e7e380ac62246815381bc0a915270edb8709a2956a00bec826b67dcc58fd6a328f88f0c88f8beebb9b4283b2f2b672f8f84ae33cbfe554f83b42f1f96aef75ab

Score

10^/10

gafgyt mirai mirai_x86corona discovery

Static task

static1

gafgyt mirai mirai_x86corona

6 signatures

Behavioral task

behavioral1

Sample

e95596b5c6cda8005d9b49159572693d0e96126cb0ce52b5908c6c27f554d5e3

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  e95596b5c6cda8005d9b49159572693d0e96126cb0ce52b5908c6c27f554d5e3
- Size
  
  124KB
- MD5
  
  0d382b358c9ef778245ea0634c30e08b
- SHA1
  
  9e03dd4a4852bcf64a8c6f4481f7e286a4702ace
- SHA256
  
  e95596b5c6cda8005d9b49159572693d0e96126cb0ce52b5908c6c27f554d5e3
- SHA512
  
  e7e380ac62246815381bc0a915270edb8709a2956a00bec826b67dcc58fd6a328f88f0c88f8beebb9b4283b2f2b672f8f84ae33cbfe554f83b42f1f96aef75ab
Score

9^/10

discovery
- Contacts a large (69087) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

gafgytmiraimirai_x86corona

behavioral1

© 2018-2024

Terms | Privacy